Usually, I use SUSE Linux Enterprise Server as the operating system for Zimbra Mail Server. But starting from Zimbra 9.x.x, SLES has been deprecated (end of life) and may no longer be supported by Zimbra. Therefore, I am trying CentOS as the operating system for Zimbra. For easy understanding, this is my system information:

```
Domain     : imanudin.net
Hostname   : mail
IP Address : 192.168.26.11
```
# Configure Network
First, we must configure the network on CentOS, assuming the name of your network interface is eth0.

```
vi /etc/sysconfig/network-scripts/ifcfg-eth0
```

```
DEVICE=eth0
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=none
IPADDR=192.168.26.11
NETMASK=255.255.255.0
DNS1=192.168.26.11
GATEWAY=192.168.26.2
DNS2=192.168.26.2
USERCTL=no
```

Restart the network service and enable it at boot

```
service network restart
chkconfig network on
```
# Disable SELinux & Firewall
Open the file /etc/sysconfig/selinux and change SELINUX=enforcing to SELINUX=disabled. Also disable the iptables, ip6tables and firewalld services. This setup assumes that filtering is handled by a separate firewall/router appliance in front of the mail server.

```
setenforce 0
service firewalld stop
service iptables stop
service ip6tables stop
systemctl disable firewalld
systemctl disable iptables
systemctl disable ip6tables
```
# Configure /etc/hosts, /etc/resolv.conf and hostname
Open the file /etc/hosts and configure it as follows

```
127.0.0.1       localhost
192.168.26.11   mail.imanudin.net mail
```

Open the file /etc/resolv.conf and configure it as follows

```
search imanudin.net
nameserver 192.168.26.11
nameserver 192.168.26.2
nameserver 8.8.8.8
```

Run the following commands as root

```
hostname mail.imanudin.net
echo "HOSTNAME=mail.imanudin.net" >> /etc/sysconfig/network
```
# Disable service sendmail or postfix
Run the following commands as root

```
service sendmail stop
service postfix stop
systemctl disable sendmail
systemctl disable postfix
```
# Update repo and install package dependencies for Zimbra

```
yum update
yum -y install perl perl-core wget screen w3m elinks openssh-clients openssh-server bind bind-utils unzip nmap sed nc sysstat libaio rsync telnet aspell
```
# Configure local DNS Server
Zimbra needs to look up the MX records of the domain in use. For that purpose, we can configure a DNS server on the Zimbra mail server machine itself.

Open the file /etc/named.conf and add any to listen-on port 53 and allow-query as follows

```
listen-on port 53 { 127.0.0.1; any; };
allow-query     { localhost; any; };
```

Create a zone at the bottom of the file named.conf as follows

```
zone "imanudin.net" IN {
        type master;
        file "db.imanudin.net";
        allow-update { none; };
};
```

Create the database file for the new zone in the folder /var/named/

```
touch /var/named/db.imanudin.net
chgrp named /var/named/db.imanudin.net
vi /var/named/db.imanudin.net
```

Fill it as follows

```
$TTL 1D
@       IN SOA  ns1.imanudin.net. root.imanudin.net. (
                                        0       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
@       IN      NS      ns1.imanudin.net.
@       IN      MX      0 mail.imanudin.net.
ns1     IN      A       192.168.26.11
mail    IN      A       192.168.26.11
```
# Restart Service & Check Results of DNS Server Configuration

```
service named restart
systemctl enable named
nslookup mail.imanudin.net
dig imanudin.net mx
```

If the output of the commands above looks like the following, your DNS configuration is working

```
[root@mail opt]# nslookup mail.imanudin.net
Server:         192.168.26.11
Address:        192.168.26.11#53

Name:   mail.imanudin.net
Address: 192.168.26.11
```
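The named.conf settings above answer queries from any address, so it is worth checking what they imply for recursion and zone transfers. The script below is an added example, not part of the original post: it applies BIND's fallback rule (recursion uses allow-recursion, then allow-query-cache, then allow-query) and flags a missing or open allow-transfer, which BIND releases of the CentOS 7 era treat as "transfer to anyone". The function names, the sample files and the restricted variant are assumptions made for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): flag named.conf settings that
# leave recursion or zone transfers open. Text-based check, no nested ACLs.

# Strip // and # comments and join the file into one line.
clean() { sed -E 's://.*$::; s:#.*$::' "$1" | tr '\n' ' '; }
# Print the body of the first "<statement> { ... };" found in the file.
# Simplification: options-level and zone-level statements are not told apart.
acl_of() {  # $1 = statement name, $2 = file
    clean "$2" | grep -oE "(^|[[:space:];])$1[[:space:]]*\{[^}]*\}" | head -n 1 |
        sed -E 's/^[^{]*\{[[:space:]]*//; s/[[:space:]]*\}$//'
}

# True when the ACL body contains a non-negated "any" element.
has_any() { printf '%s\n' "$1" | grep -qE '(^|[[:space:];])"?any"?[[:space:]]*;'; }
# True only when recursion is explicitly switched off (BIND defaults to yes).
recursion_off() { clean "$1" | grep -qE '(^|[[:space:];])recursion[[:space:]]+no[[:space:]]*;'; }

# ACL that governs recursion: allow-recursion, else allow-query-cache,
# else allow-query, else BIND's built-in default.
effective_recursion_acl() {
    local stmt acl
    for stmt in allow-recursion allow-query-cache allow-query; do
        acl=$(acl_of "$stmt" "$1")
        if [ -n "$acl" ]; then echo "$acl"; return 0; fi
    done
    echo "localnets; localhost;"
}

# Print one line per finding; prints nothing when both checks pass.
audit_named_conf() {
    local acl xfer
    acl=$(effective_recursion_acl "$1")
    if ! recursion_off "$1" && has_any "$acl"; then
        echo "open-recursion: recursive queries allowed from { $acl }"
    fi
    xfer=$(acl_of allow-transfer "$1")
    if [ -z "$xfer" ] || has_any "$xfer"; then
        echo "open-transfer: allow-transfer is { ${xfer:-not set} }"
    fi
}

# Constructed samples: the settings from this page, and a restricted variant.
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/page.conf" <<'EOF'
options {
    listen-on port 53 { 127.0.0.1; any; };
    allow-query     { localhost; any; };
};
zone "imanudin.net" IN { type master; file "db.imanudin.net"; allow-update { none; }; };
EOF
cat > "$SAMPLES/restricted.conf" <<'EOF'
options {
    allow-query    { localhost; localnets; };
    allow-transfer { none; };
};
EOF
audit_named_conf "$SAMPLES/page.conf"        # two findings
audit_named_conf "$SAMPLES/restricted.conf"  # no findings
```

On a live server, run the same function against the output of `named-checkconf -p`, which prints the parsed configuration.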
Preparation for installing Zimbra is finished. Now we can install Zimbra, which will be explained in the next section 😀
Good luck and hopefully useful 😀
Hi real nice job, all working well until the final stages:
3. nslookup server1.example.com
I get the following error:
Server: 192.168.***.***
Address: 192.168.***.***#53 {I have *** my actual details}
** server can’t find fcts.in: NXDOMAIN
Tried googling for workarounds to no avail, do you have any ideas why this is failing?
thanks and once again great work
EDIT:
3. nslookup server1.example.com
I get the following error:
Server: 192.168.***.***
Address: 192.168.***.***#53 {I have *** my actual details}
** server can’t find server1.example.com: NXDOMAIN
Hi Steve,
Could you please give me the information below:
1. What’s your IP Address?
2. What’s your domain (you can mask your domain)?
3. Status information for DNS (service named status)?
If you still have problems with manual configuration, you can consider trying the automatic script at this one: https://imanudin.net/2014/10/07/how-to-easy-install-zimbra-8-5-on-centos-7/
Good Luck 😀
Hi Iman,
Thanks for the reply. I’ve found the problem: it was related to my domain name. The guide is solid; my spelling, on the other hand, is not!
Thanks again
Hi real nice job, all working
Hi Anubrata,
Thanks for your visit
Hi Iman,
crystal clear… all works perfect… Keep going…
Hi Partha,
Thanks for visit 😀
Disable SELinux and all firewalls? What a dumbass. Perhaps learn how to use these tools before suggesting to others that they should turn them off.
Hi Free,
Thanks for your info. That is my mistake for not explaining why they should be disabled.
That is because I usually use a Firewall/Router Appliance for filtering and rules.
Thanks again Free 😀
Hi, is a reverse zone needed? Because you have not configured a reverse lookup zone.
Thanks
Sriram
Hi Sriram,
Just the forward zone is enough, because this is just local DNS.
Thanks
I have a concern here.
I think Gmail, Yahoo Mail and other major email service providers block messages from my server, and one of the reasons they cite is ‘no reverse DNS’ found.
Would you like to add the zone here?
Thanks
Hi Musa,
You should ask your ISP to delegate/give PTR records for your email server. For example:
******
Hi Noc,
To increase reputation of email, please give PTR/Reverse DNS for my email server like below :
your-public-address IN PTR mail.imanudin.net
example
123.124.125.126 IN PTR mail.imanudin.net
Thank you
********
HTH 😀
Do you have any PDF or Word documentation? I am not familiar with Linux but I want to install Zimbra mail server.
Hi Sandeep,
For now, I do not have a PDF or other document except this blog 😀
getting below error when i run nslookup XXX.domain name
** server can’t find mail.XXX.com: NXDOMAIN
hi iman,
I want to use my local Windows AD DS Server. How can I accomplish this? Do I need to configure a local DNS server on my CentOS mail server?
Thanks!
Hi Denver,
Yes, you can use AD DS Server as DNS for Zimbra mail server. Please make sure the MX record refers to Zimbra 😀
thank you for your paper
it is a good job , and waiting good things from you
i follow the two parts and it was working successfully
thanks alot
what version of zimbra do you prefer , because i am going to install mail server in my job
thanks for help
Hi Abumahmoud,
My recommendation is Zimbra for RHEL/CentOS 7 and using last version for Zimbra
Hi, nice job…congratulations for the tutorial. You could do a step by step tutorial for backup of all emails . Thank You.
Hi Johnny,
Thanks. Nice to meet you. I will try it 😉
Hello; I’m not doing wrong but check the ports-law tells me that this conflict port detected 53 ( dns-cache)
I made the installation under a Firewall pfSense, which may be failing
Hi Osvaldo Ferreyra,
Did you also install Zimbra DNS-Cache and configure Bind as DNS server? If yes, please disable/uninstall Zimbra DNS-Cache or disable Bind (please choose one).
Iman, thank you for your prompt reply and also for your contribution to the technology.
greetings
Hello Iman, did you suggested change and get to the point ldap initialization throws me an error (28160). I commented briefly that I have a production server with the same domain, it might cause some conflict that certificates? Stop services and returned to start, and gives the following message
Failed to start slapd – Attempting debug start to determined error. 55c20c2c
daemon: bind (7) Failed errno=99 (Cannot assign requested address)
55c20c2cslap_open_listener:failed on ldap: //zimbra.gargano.com.ar:389
Any idea that can be
greetings
Hi Osvaldo Ferreyra,
Please give me more information about :
– /etc/hosts
– /etc/resolv.conf
– hostname -f
– service named status
Hi Iman, check the files you mentioned me and cold today I realized that he had mistyped an address on the host so that was not resolving properly. Now I run the installation again and if you notice something wrong.
Best regards and thank for all
Nice tutorial….however i have a problem below:
We have just migrated one of our Zimbra hosted domains to an external mail server and modified MX records accordingly.
Mail is now arriving at the new server successfully, unless it is sent from one of the other domains hosted on our ZImbra installation where it gets delivered to the “legacy” domain locally.
How do I get Zimbra to route all email traffic externally running correct MX lookups to the new server, rather than using local delivery?
Please note that I would not want to delete or rename the domain from the old server.
waiting for help
Regards jolly joe
Hi Jolly Joe,
If using Zimbra, you could modify the transport for every user. Please see the example below:
Note : newzimbraserver is IP address or name of the new server
Hello Iman
I appreciate your response…
That is nice, however I host more than 80 domains on the server and would wish to formulate a script that automates the process on a per-domain basis. If you could assist me in ensuring that Zimbra performs MX lookups even for local domains (domains on the server), then I guess the issue will have been solved, as changing the MX record for the domain will solve the problem.
In the current situation, Zimbra seems to be ignoring MX lookups for locally hosted domains, however much they have different MX records,
which is the backbone of my problem.
however i welcome any idea
Hi Jolly Joe,
You could use a script to do that. This is a simple script which could help you:
The above script will make a file with name modify-transport.zmp in /srv/ folder. You should execute again that script
HTH
Hello Iman:
Again by specifying your knowledge here. I tell my problem, the server to send arm works well but can not receive email.
I’m doing the testing in a laboratory armed with an Internet connection that we are changing along with the mail service and pfSense firewall. Production services were configured by a service company so they delegated their dns in domain registration and the different tests I do DNS and point to the test mail my working network connection.
I somehow make it work without touching anything that is working, or you would have to do to work ?.
Hi,
If you cannot receive email from outside, please make sure the requirements described in this guidance have been fulfilled: https://imanudin.net/2015/03/15/how-to-configure-receive-email-from-the-internetoutside/
Hi Iman,
I need help how can I change my default domain.
I have 4 domain on my zimbra mail. I already migrated my first domain example03.com this domain has smallest user account. That why I make this as my primary mail domain on zimbra. Since I Already created all users on remaining 3 domains and initially migrate their mailbox using imapsync.
What I want now is to retain my original default mail domain which is mail.example.com and my hostname to mail.example.com
Zimbra Setup:
hostname: mail.example03.com
default domain: example03.com
example.com
example01.com
example02.com
example03.com
I want to make example.com my default domain
changed my hostname to mail.example.com
Thanks..
Hi Ferjun,
To change the default domain, please log in to Zimbra Admin | Configure | Global settings | Default domain. Please change it in that section.
Please take a look also information about Virtual Host in Zimbra : https://www.zimbra.com/docs/os/6.0.10/administration_guide/Managing_ZCS.08.3.html
thanks iman,
can you please validate the steps below:
1. rename server hostname – mail.exampleo3.com >> mail.example.com
2. Request to change rDNS on my ISP to also change on my public DNS (go Daddy)
3. Reconfigure local DNS server change example03.com to example.com (based on your guide on local DNS above)
4. Change default domain to example.com
Another question: instead of creating local DNS on zimbra server it’s OK to use my internal Windows DNS server?
Thanks..
Hi Ferjun,
All steps seem OK. For DNS, I recommend you use local DNS on the Zimbra server instead of the internal Windows DNS server. But there is no problem if you want to use the internal Windows DNS server. 😉
hi imman
how to configure multiple domain and dns in centos for zimbra mail server…
Hi Rajesh,
You only need to create another domain via Zimbra Admin | Configure | Domains
hi imman
thanks..then anything update in dns…
rgds
Rajesh
Hi Iman,
Thanks for fine tutorial. I want to know whether DNS server setup as shown above is required for actual production mail server if A and MX record are already configured with domain registrar. Because we already have postfix/dovecot server running and thinking to replace the same with zimbra OSE
Regards
Nishant
Hi,
I recommend configuring BIND as a local DNS server. It aims to look up the IP itself instead of public DNS when sending to a local domain 🙂
Dear Sir
help me please.
I have been running ZCS 6.5 opensource. In all of the computers, i am getting this error while login via webmail :
“Oops! It appears your browser does not allow cookies. You need to enable cookies in order to use the Zimbra Web Client”.
I have enabled cookies and javascript..
AM wondering where to go next..
Thank you in advance.
Rgds
Rajesh.A
Hi Rajesh.A,
I am sorry. I do not have ZCS 6.5 and cannot escalate your problem.
Hi iman I have a doubt how can I establish the hostname and the domain ?
Hoping for a fast answer please greetings from Mexico
Hi Edgar,
Greeting. You can use hostname (for example) mail and your domain (for example) imanudin.net. But, you can use hostname and domain anything as you want 😉
Hi Iman,
when i do the step service named restart, the Job for named.service has failed.
what is the problem with this step?
Hi,
What information in the log when starting service named? please check in /var/log/messages
I’m having issues receiving mail from external, looks like it’s being filtered for some reason due to the sender domain although I have whitelisted etc. Please see mail delivery failure message below:
Jun 1 11:51:24 mail postfix/smtpd[10477]: NOQUEUE: filter: RCPT from pro236-77.mxout.rediffmailpro.com[202.137.236.77]: : Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from= to= proto=ESMTP helo=
can u help me pls
Hi Rajesh,
Your log information is not complete and I did not find a mail delivery failure in your log. Please try to trace with the zmmsgtrace command
Note : Please change external-domain with real domain from outside
Pls find the correct error
Jun 1 11:51:24 mail postfix/smtpd[10477]: NOQUEUE: filter: RCPT from pro236-77.mxout.rediffmailpro.com[202.137.236.77]: : Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from= to= proto=ESMTP helo=
HI Iman
pls find the full error
Jun 10 16:16:13 mail postfix/smtpd[21489]:
NOQUEUE: filter: RCPT from pro236-77.mxout.rediffmailpro.com
77.mxout.rediffmailpro.com[202.137.236.77]: : Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from= to= proto=ESMTP helo=
Hi Rajesh,
Your log information is still not helpful. Maybe you can try to disable the antispam services to re-check the problem
Please retry to sending email
Jun 13 10:54:40 mail postfix/smtpd[27129]:
NOQUEUE: filter: RCPT from pro237-249.mxout.rediffmailpro.com
[202.137.237.249]: :
Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=
to=
proto=ESMTP helo=
Jun 13 10:54:40 mail postfix/smtpd[27129]:
NOQUEUE: filter: RCPT from pro237-249.mxout.rediffmailpro.com
[202.137.237.249]: : Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from= to= proto=ESMTP helo=
Thank you iman i will try and let u know…
not receiving mails from client…
we cant send full error via post…..can u share your personal mail id
for sending error….pls….
Hi Rajesh,
Please use this form : https://imanudin.net/contact/
Hi Iman,
i have a question how change the hostname server in zimbra?
thanks
Hi Fatimainfo,
You can use this guidance : https://wiki.zimbra.com/wiki/ZmSetServerName
How about the configuration for 2 IPs?
For example, eth0 for the local IP and eth1 for the public IP
Hi,
The configuration is just the same. Nothing is different
Mas Iman,
thanks in advance. How do I add ns2.local.domain?
thanks
Hi mas,
There is no need to add ns2. ns1 alone is enough
Mas Iman, sorry to bother you again.
I have succeeded in sending email both out and in.
However, the place where I registered my hosting requires 2 NS as backup:
ns1.xxxx.com and ns2.xxxx.com
Please help with adding the ns2, mas.
Hi Frandisa,
ns1 and ns2 are only needed when creating a public DNS. The DNS configuration on Zimbra is only needed locally. So there is no need to add it
Mas Iman,
I have another question. I have bought a domain and am also using a public IP. Sending email between IPs in the same block within one provider already works, but outgoing email still fails. It seems my port 25 is blocked by the ISP. Is there another way to replace port 25, mas?
Thanks in advance
hi iman,
How can I disable DNS zone transfer? I added allow-transfer {"none";}; in the DNS config but it is not working; the vulnerability scanner detected that DNS zone transfer is enabled on my Zimbra server

```
zone "imanudin.net" IN {
        type master;
        file "db.imanudin.net";
        allow-update { none; };
        allow-transfer {"none";};
};
```
thanks!
Hi Daba,
I don’t know much about DNS. But you can try to change this line
before
Hi Iman, can you help me with the guide on how i can install zimbra using Cloudflare as a thirdparty DNS ?
If i use cloudflare to route the nameserver do i still need to BIND the DNS ?
Please help
Hello MannyP,
You still need BIND for local DNS
need help in adding external email address in galsync address book.
i did adding email address in galsync@example.com address book but when i type email id in new email its not showing up..
Hello,
Please try this one : https://imanudin.com/2017/02/03/tips-menambahkan-eksternal-email-pada-gal-zimbra/
Hi,
I have installed Zimbra Community edition 8.8.12 on a Digital Ocean server with a floating IP assigned. On the Zimbra server, local DNS is running. The domain NS is pointed to Cloudflare and DNS is managed by the same; I have set up SPF, DMARC and DKIM for the mail domain. We are able to send and receive emails, however some domains reject the emails due to the missing PTR (Yahoo's server rejects the message, Google delivers to the Spam folder). Can you please help me with how to set up the PTR and improve the credibility?
Hello,
PTR records can be configured at Digital Ocean : https://www.digitalocean.com/community/questions/how-to-setup-a-ptr-record
Mas, I have completed this part 1, then I saved the state in Oracle VirtualBox. When I continued the next day, I first tried to ping Google and it did not work, and even nslookup no longer works. What is going on?
If I use VirtualBox, is my interface enp0s3 or enp0s8? And if I switch Wi-Fi it immediately fails to connect, what should I do?
Hi mas,
My recommendation is to try testing directly in the cloud, mas. For example, renting by the hour at Digital Ocean